Описание
An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | ignored | |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | not-affected | debian: Specific to EE |
Показывать по
Ссылки на источники
4.3 Medium
CVSS3
Связанные уязвимости
An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user.
An issue has been discovered in GitLab EE affecting all versions from ...
An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостатками процедуры авторизации, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
4.3 Medium
CVSS3